Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1826/4z6VXy_1WqZCKW9EiMZecXXwOdE.roa
File: 4z6VXy_1WqZCKW9EiMZecXXwOdE.roa (raw, json)
Hash identifier: 73K7+A6tTjG9S8ynvPyLtqWJlgAcfjz7LpFyx5FQhKA=
Subject key identifier: E3:3E:95:5F:2F:F5:5A:A6:42:29:6F:44:88:C6:5E:71:75:F0:39:D1
Certificate issuer: /CN=75324D3B8F1D5EBA5770E661EE16AF24A750554F
Certificate serial: 0B71
Authority key identifier: 75:32:4D:3B:8F:1D:5E:BA:57:70:E6:61:EE:16:AF:24:A7:50:55:4F
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dTJNO48dXrpXcOZh7havJKdQVU8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1826/4z6VXy_1WqZCKW9EiMZecXXwOdE.roa
Signing time: Tue 02 Jan 2024 03:44:45 +0000
ROA not before: Tue 02 Jan 2024 03:44:45 +0000
ROA not after: Tue 08 Oct 2024 00:16:33 +0000
asID: 53587
IP address blocks: 103.223.120.0/24 maxlen: 24
103.223.121.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2929 (0xb71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75324D3B8F1D5EBA5770E661EE16AF24A750554F
Validity
Not Before: Jan 2 03:44:45 2024 GMT
Not After : Oct 8 00:16:33 2024 GMT
Subject: CN=E33E955F2FF55AA642296F4488C65E7175F039D1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:75:4a:0b:ba:45:02:35:d5:e8:8f:9a:f3:bd:
73:8f:23:58:1e:a4:16:d9:8a:4b:de:f7:b1:93:4b:
dd:22:c6:f6:4e:2a:6b:90:3b:b1:89:76:2d:c9:51:
03:64:b5:8a:71:f8:c9:fe:3a:23:4e:60:88:dc:4c:
ff:64:fa:6c:f3:57:0b:0d:9d:5a:f5:54:ef:c8:1c:
70:81:30:90:14:db:b8:aa:52:ac:0c:96:29:ac:69:
9e:ae:e8:25:15:5f:39:29:14:c5:8c:00:b3:ed:b1:
a5:b7:bb:ac:b1:79:d8:1a:0c:bd:78:cd:d8:e0:2f:
56:b3:ce:1e:55:65:e2:bb:9f:f6:8a:90:00:38:f1:
c4:78:d4:a4:f5:43:fc:64:5f:c5:5f:d2:0a:c9:4b:
c5:b9:52:34:d0:1f:c3:4f:11:71:0d:66:88:0f:a5:
2e:06:24:44:2a:86:e3:18:74:af:76:bd:b5:5f:9d:
f4:66:f4:a7:b1:8c:08:fc:1f:f2:3c:cf:17:89:32:
a6:d0:fe:c2:70:bb:9a:41:da:eb:80:3b:38:36:be:
39:0a:35:7c:b4:1b:76:09:6d:37:1f:1a:da:06:95:
30:4f:87:74:cd:32:09:9c:32:5d:c2:4e:8a:1a:94:
d2:69:36:ff:a6:e1:c7:b6:a1:b5:d0:63:26:63:cf:
95:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:3E:95:5F:2F:F5:5A:A6:42:29:6F:44:88:C6:5E:71:75:F0:39:D1
X509v3 Authority Key Identifier:
keyid:75:32:4D:3B:8F:1D:5E:BA:57:70:E6:61:EE:16:AF:24:A7:50:55:4F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1826/dTJNO48dXrpXcOZh7havJKdQVU8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dTJNO48dXrpXcOZh7havJKdQVU8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1826/4z6VXy_1WqZCKW9EiMZecXXwOdE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.223.120.0/23
Signature Algorithm: sha256WithRSAEncryption
87:46:d9:cb:d6:ce:a5:9d:eb:80:d8:90:0c:f9:ce:9a:a7:7e:
39:c7:66:af:2a:65:cb:30:fe:e4:0b:4f:6b:5f:79:0a:dd:64:
d6:e4:86:86:ee:27:c7:67:d6:49:95:de:53:82:12:91:8c:fe:
c0:e0:c6:db:6c:9d:ab:1c:a8:1e:5a:e9:12:3e:21:82:c3:3a:
10:b7:64:ec:b0:7e:19:81:08:a7:67:b1:b0:3d:a4:e6:56:8b:
b7:69:99:0f:6b:6f:9c:41:5d:a8:a5:76:6b:5f:1e:9d:eb:0e:
ce:dc:3e:83:e4:f6:16:ed:98:9f:6f:4c:13:82:17:a7:d2:3f:
80:ba:cc:98:b6:33:3e:57:79:8f:89:17:13:61:dd:cf:96:1b:
80:34:bb:11:eb:56:c3:a1:24:3f:62:6e:6a:fe:b6:f4:2f:89:
02:22:f0:63:55:9d:b0:71:fa:41:a1:a2:c9:66:64:86:fe:89:
88:da:bf:e3:b7:08:52:5f:86:81:89:1d:89:2e:0a:6d:d3:9b:
95:71:ff:3d:3b:c8:01:4d:51:e3:82:99:3b:29:fc:cd:af:a7:
c8:8a:76:d5:b6:35:82:ce:17:02:30:95:c1:57:37:f9:77:6d:
8b:24:e3:03:f9:63:99:f7:98:a2:ef:52:75:b9:eb:16:0d:6c:
62:97:32:3d
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICC3EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzUz
MjREM0I4RjFENUVCQTU3NzBFNjYxRUUxNkFGMjRBNzUwNTU0RjAeFw0yNDAxMDIw
MzQ0NDVaFw0yNDEwMDgwMDE2MzNaMDMxMTAvBgNVBAMTKEUzM0U5NTVGMkZGNTVB
QTY0MjI5NkY0NDg4QzY1RTcxNzVGMDM5RDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDndUoLukUCNdXoj5rzvXOPI1gepBbZikve97GTS90ixvZOKmuQ
O7GJdi3JUQNktYpx+Mn+OiNOYIjcTP9k+mzzVwsNnVr1VO/IHHCBMJAU27iqUqwM
limsaZ6u6CUVXzkpFMWMALPtsaW3u6yxedgaDL14zdjgL1azzh5VZeK7n/aKkAA4
8cR41KT1Q/xkX8Vf0grJS8W5UjTQH8NPEXENZogPpS4GJEQqhuMYdK92vbVfnfRm
9KexjAj8H/I8zxeJMqbQ/sJwu5pB2uuAOzg2vjkKNXy0G3YJbTcfGtoGlTBPh3TN
MgmcMl3CTooalNJpNv+m4ce2obXQYyZjz5VbAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU4z6VXy/1WqZCKW9EiMZecXXwOdEwHwYDVR0jBBgwFoAUdTJNO48dXrpXcOZh
7havJKdQVU8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTgy
Ni9kVEpOTzQ4ZFhycFhjT1poN2hhdkpLZFFWVTguY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2RUSk5PNDhkWHJwWGNPWmg3aGF2SktkUVZVOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE4MjYvNHo2Vlh5XzFXcVpD
S1c5RWlNWmVjWFh3T2RFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAWffeDANBgkqhkiG9w0BAQsFAAOCAQEAh0bZy9bOpZ3rgNiQDPnOmqd+Ocdm
ryplyzD+5AtPa195Ct1k1uSGhu4nx2fWSZXeU4ISkYz+wODG22ydqxyoHlrpEj4h
gsM6ELdk7LB+GYEIp2exsD2k5laLt2mZD2tvnEFdqKV2a18enesOztw+g+T2Fu2Y
n29ME4IXp9I/gLrMmLYzPld5j4kXE2Hdz5YbgDS7EetWw6EkP2Juav629C+JAiLw
Y1WdsHH6QaGiyWZkhv6JiNq/47cIUl+GgYkdiS4KbdOblXH/PTvIAU1R44KZOyn8
za+nyIp21bY1gs4XAjCVwVc3+XdtiyTjA/ljmfeYou9SdbnrFg1sYpcyPQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:24 2024 by rpki-client on console-ams.rpki-client.org